There ate 3 new and 1 in development total 4 new features related to the security.

Field based Security

one can define the groups attribute on the field, page, notebook, button, or any other tag and form parser will check the current user for the assigned groups and based on the user groups relation tiny will generate he view for current user, if user not have the access to any field, page, or notebook, these ll will automatically hidden from the user view as you can see billow

hare you can see there are few fields are hidden in partner contact and also one tab page is not accessible called “Extra Info” these are few lines written like as follows

page string=”Extra Info” groups=”base.group_admin”

Work-flow Security

this is a small and good feature, form the user side no need to change in any configuration tiny will automatically handle the things to make the work flow buttons enable or disable according to the work flow signal role’s groups and current user’s groups.

for example in Invoice object, one role is created to confirm the invoice called “Invoice Manager” if the current user is demo user and he does not have the role to confirm the invoice e-tiny will disable the Create button for demo user while creating the invoice view for demo user, you can see in next screen.

Security based Action (Report, Wizard)
a new field added to 2 objects ir.actions.report.xml and ir.actions.wizard to have a groups based security to perform this actions. if there is a groups assign in to Report or Wizard, only user related to this groups can be able to access the Report or Wizard as you can see 2 different forms for the demo user and for the admin user.

Admin menu
here admin can access the Report Overdue Payment and all wizard as admin groups is given to the this report, same way for the Wizards admin groups is set so that all the users who belongs to the admin groups they can access report and wizard.

Demo Menudemo user is a Data entry user must not be able to access some Actions and Reports related to Accounting so for the same view he can not be able to perform such operations and not be able to